Vulnerabilities > Incorrect Authorization

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-09-11 | CVE-2024-4465 | Incorrect Authorization vulnerability in Nozominetworks CMC and Guardian | An access control vulnerability was discovered in the Reports section due to a specific access restriction not being properly enforced for users with limited privileges. If a logged-in user with reporting privileges learns how to create a specific application request, they might be able to make limited changes to the reporting configuration. | network | high complexity | nozominetworks | CWE-863 | 5.0 |
| 2024-09-10 | CVE-2024-42423 | Incorrect Authorization vulnerability in Citrix Workspace 23.9.0.24.4 | Citrix Workspace App version 23.9.0.24.4 on Dell ThinOS 2311 contains an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. | local | low complexity | citrix | CWE-863 | 7.1 |
| 2024-09-10 | CVE-2024-44114 | Incorrect Authorization vulnerability in SAP Netweaver Application Server Abap | SAP NetWeaver Application Server for ABAP and ABAP Platform allow users with high privileges to execute a program that reveals data over the network. | network | low complexity | sap | CWE-863 | 2.7 |
| 2024-09-09 | CVE-2024-8601 | Incorrect Authorization vulnerability in Techexcel Back Office Software | This vulnerability exists in TechExcel Back Office Software versions prior to 1.0.0 due to improper access controls on certain API endpoints. | network | low complexity | techexcel | CWE-863 | 6.5 |
| 2024-09-04 | CVE-2024-34642 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 | Improper authorization in One UI Home prior to SMR Sep-2024 Release 1 allows physical attackers to temporarily access sensitive information. | | low complexity | samsung | CWE-863 | 4.6 |
| 2024-09-04 | CVE-2024-34650 | Incorrect Authorization vulnerability in Samsung Android 14.0 | Incorrect authorization in CocktailbarService prior to SMR Sep-2024 Release 1 allows local attackers to access privileged APIs related to Edge panel. | local | low complexity | samsung | CWE-863 | 3.3 |
| 2024-09-04 | CVE-2024-34651 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 | Improper authorization in My Files prior to SMR Sep-2024 Release 1 allows local attackers to access restricted data in My Files. | local | low complexity | samsung | CWE-863 | 5.5 |
| 2024-09-04 | CVE-2024-34652 | Incorrect Authorization vulnerability in Samsung Android 12.0/13.0/14.0 | Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage. | local | low complexity | samsung | CWE-863 | 3.3 |
| 2024-09-03 | CVE-2024-45588 | Incorrect Authorization vulnerability in Symphonyfintech XTS Mobile Trader and XTS web Trader | This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to improper access controls on APIs in the Preference module of the application. | network | low complexity | symphonyfintech | CWE-863 | 8.1 |
| 2024-09-01 | CVE-2024-45509 | Incorrect Authorization vulnerability in Misp | In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin. | network | low complexity | misp | CWE-863 | 6.5 |